US-trained Terrorist Group plants Stuxnet Malware

The international community has eased its condemnation of Iran following recent negotiations between Tehran and six other nations in Istanbul, Turkey. While the participating parties agreed to further discussions on May 23, 2012 in Baghdad, both Israel and the West have given no indication of easing the strict regime of sanctions imposed on Tehran. Following claims of the Iranian leadership that it pursues civil nuclear capabilities to generate electricity and fuel for medical reactors (allowing Tehran to divert its primary oil reserves to export markets) [1], Iran’s Supreme Leader Ayatollah Ali Khamenei has issued a religious prohibition on nuclear weapons in Iran [2]. During recent discussions, Iranian negotiator Saeed Jalili emphasized Iran’s right to a civil nuclear program, as guaranteed under the Nuclear Non-Proliferation Treaty [3]. Although Tel Aviv possess between 75 to 400 nuclear warheads, Israeli Defense Minister Ehud Barak insists that all of Iran’s uranium enriched to 20% be moved to a "trusted" neighboring country [4].

While both CIA chief David H. Petraeus and US National Intelligence Director James R. Clapper Jr. concede that no credible evidence exists to accuse Iran of constructing a nuclear weapon [5], the brazen criminality of intelligence operations against Iran’s civil nuclear program remain deeply troubling. ISSSource has recently confirmed that the individuals responsible for planting the Stuxnet computer worm used to sabotage Iran’s nuclear facilities in Natanz were members of Mujahedeen-e-Khalq (MEK) [6], a US State Department-listed terrorist organization (#29) [7]. MEK was founded in 1965 as a Marxist Islamic mass political movement aimed at agitating the monarchy of the US-backed Iranian Shah, Mohammad Reza Pahlavi. The group initially sided with revolutionary clerics led by Ayatollah Khomeini following the 1979 Islamic Revolution, but eventually turned away from the regime during a power struggle that resulted in the group waging urban guerilla warfare against Iran’s Revolutionary Guards in 1981.

The organization was later given refuge by Saddam Hussein and mounted attacks on Iran from within Iraqi territory, killing an estimated 17,000 Iranian nationals in the process [8]. MEK exists as the main component of the Paris-based National Council of Resistance of Iran (NCRI), a “coalition of democratic Iranian organizations, groups and personalities,” calling itself a "parliament-in-exile” seeking to “establish a democratic, secular and coalition government” in Iran [9]. Although the group has been credited with the assassination of high profile US military personnel [10] following the Islamic Revolution on multiple occasions [11], The New Yorker reports that members of Mujahideen-e-Khalq were trained in communications, cryptography, small-unit tactics and weaponry by the Joint Special Operations Command (JSOC) at a base in Nevada starting in 2005 [12]. JSOC instructed MEK operatives on how to penetrate major Iranian communications systems, allowing the group to intercept telephone calls and text messages inside Iran for the purpose of sharing them with American intelligence.

Following the toppling of Saddam Hussein, the Iraqi Army has twice attempted to enter Camp Ashraf, a “refugee camp” where the militant wing of MEK (consisting of approximately 3,200 personnel) resided under external security protection of the US military up until 2009 [13]. With the full support of the US Embassy in Iraq and the State Department, UN special representative in Iraq Martin Kobler has organized efforts to relocate MEK insurgents to a former US military base near the Baghdad airport, amusingly titled, “Camp Liberty” – to avoid violent clashes between the MEK and the Shiite-led Iraqi government [14]. The group has long received material assistance from Israel, who assisted the organization with broadcasting into Iran from their political base in Paris, while the MEK and NCRI have reportedly provided the United States with intelligence on Iran's nuclear program, which publicly revealed the existence of the Natanz uranium-enrichment facility in 2002 [15].

While senior figures in the Council on Foreign Relations describe MEK as a "cult-like organization" with "totalitarian tendencies,” [16] a cabal of elder statesmen such as former NATO Supreme Allied Commander General Wesley K. Clark, former New York City Mayor Rudy Giuliani, former 9/11 Commission Chairman Lee Hamilton were paid $20,000 to $30,000 per engagement to endorse the removal of the Mujahideen-e Khalq from the US State Department’s list of Foreign Terrorist Organizations [17]. NCRI head Maryam Rajavi, now based in Paris and endorsed by statesmen from the United States and European Union, is famously quoted saying, "Take the Kurds under your tanks, and save your bullets for the Iranian Revolutionary Guards," during Saddam Hussein’s massacre of Iraqi Kurds in 1991 [18]. Despite the documented cases of atrocities committed by MEK forces, the Council of the European Union removed the group from the EU list of terrorist organizations in 2009; NCRI spokesperson Shahin Gobadi offered, "All we want is democratic elections in Iran," in a press statement to mark the event [19].

Although current and former US officials agree Iran is years away from having a deliverable nuclear warhead and has no secret uranium-enrichment site outside the purview of UN nuclear inspections [20], recent revelations connecting MEK with the Stuxnet computer virus that destroyed several hundred centrifuges in Iran’s Natanz nuclear facility constitutes an act of deliberate and unparalleled sabotage. Stuxnet remains the most sophisticated malware discovered thus far, the virus targets Siemens’ Simatic WinCC Step7 software, which controls industrial systems such as nuclear power plants and electrical grids from a Microsoft Windows-based PC. The virus exploits security gaps referred to as zero-day vulnerabilities, to attack specific targets. Prior to its discovery, Stuxnet was previously undetected and remained unidentified by anti-virus software, as the malware was designed to appear as legitimate software to Microsoft Windows. Upon delivery of the Stuxnet payload, the malware manipulated the operating speed of centrifuges spinning nuclear fuel to create distortions that deliberately damaged the machines, while giving the impression of normal activities to the monitoring operator and disabling their emergency controls.

ISSSource has cited current and former US intelligence officials, who confirm the Stuxnet virus was planted at Natanz nuclear facility by a saboteur believed to be a member of Mujahedeen-e-Khalq [21]. By delivering the malicious payload via USB memory stick, the group was able to damage at least 1,000 centrifuges in the Natanz nuclear facility [22]. MEK has also been accused of assassinating Iranian nuclear scientists [23] and triggering an explosion that destroyed an underground site near the town of Khorramabad in western Iran that housed most of Tehran's Shehab-3 medium-range missiles [24]. NBC News reports that Israel provided financing, training and arms to members of Mujahideen-e Khalq, who are responsible for killing five Iranian nuclear scientists since 2007 using motorcycle-borne assailants often attaching small magnetic bombs to the exterior of the victims’ cars [25]. The New York Times reports that former US President George W. Bush authorized covert action intended to sabotage Iran’s Natanz facility, after deflecting an Israeli request to shower specialized bunker-busting bombs on the facility in 2009 [26].

Due to the intricate nature of Stuxnet coding, security experts confirm its creation must the “work of a national government agency” [27]. Ralph Langner, an independent computer security expert who dismantled Stuxnet credited Israel and the United States with writing the malicious software designed to sabotage the Iranian nuclear program [28]. Considering that Stuxnet targeted Programmable Logic Controllers (PLC) used in industrial plants to automate industrial operations, the malware designers required detailed knowledge of the programming language written for PLC components to successively subvert them [29]. It remains significant that the German electrical engineering company Siemens cooperated with one of the United States in 2008 to identify vulnerabilities in the computer controllers identified as key equipment in Iran’s enrichment facilities [30]. Intelligence experts concede that testing of the Stuxnet virus was conducted in the Dimona complex located in Israel’s Negev desert, the site of Israel’s rarely acknowledged nuclear arms program [31].

When asked about the Stuxnet worm in a press conference, current White House WMD Coordinator Gary Samore boasted, “I’m glad to hear they are having troubles with their centrifuge machines, and the U.S. and its allies are doing everything we can to make it more complicated” [32]. While former chief of the International Atomic Energy Agency (IAEA) Hans Blix challenges the IAEA’s own reports on Iran’s nuclear activities (accusing the agency of relying on unverified intelligence from the US and Israel) [33], former director of US nuclear weapons production programs, Clinton Bastin, has sent an open letter to President Obama regarding the status of Iran’s capacity to produce nuclear weapons [34]. Bastin reiterates in his letter to the President, “The ultimate product of Iran's gas centrifuge facilities would be highly enriched uranium hexafluoride, a gas that cannot be used to make a weapon. Converting the gas to metal, fabricating components and assembling them with high explosives using dangerous and difficult technology that has never been used in Iran would take many years after a diversion of three tons of low enriched uranium gas from fully safeguarded inventories. The resulting weapon, if intended for delivery by missile, would have a yield equivalent to that of a kiloton of conventional high explosives” [35].

The theatrics of the US and Israel in their condemnation of Iran’s nuclear power program have come at a heavy price for the Iranian people, who have been subjected to sanctions, assassinations, condemnation and sabotage. The United States has produced more than 70,000 nuclear weapons between 1951 and 1998 [36], while Israel possess a nuclear weapons stockpile ranging from 75 to 400 warheads [37].The current legal international framework of the Nuclear Non-Proliferation Treaty guarantees the right to conduct peaceful nuclear energy programs; the deliberate provocations of the United States and Israel acting through intelligence groups such as Mossad and the CIA constitute the most genuine contempt toward international law, security and the value of a single human life. The mainstream media have worked to indoctrinate the population of the English-speaking world with an exploited and romanticized version of the Iranian theocracy’s ideological ambitions to wage “unprovoked terror,” while figures such as Iranian Foreign Minister Ali Akbar Salehi publically renounce nuclear weapons [38].

The Mujahedeen-e-Khalq, or the People’s Mujahedin of Iran is an organization responsible for the deaths of thousands of civilians since its inception. If the US and Israel launched a war against Iran, aggressor nations would likely recognize the touted “parliament-in-exile”, the National Council of Resistance of Iran, as the nation’s legitimate government. The US State Department's own website (which features Mujahedeen-e-Khalq as Foreign Terrorist Organization #29) indicates that “It is unlawful for a person in the United States or subject to the jurisdiction of the United States to knowingly provide ‘material support or resources’ to a designated FTO” [39]. As the Mujahedeen-e-Khalq continually seek removal from the US list of Foreign Terrorist Organizations [40], the group’s unpardonable offenses must not be lost to the annuls of history. While NCRI leader Maryam Rajavi would prefer to masquerade as a “pro-democracy” figure, the responsible parties of the international community must rightfully condemn the actions taken by her organization and its affiliates.

The Stuxnet virus was engineered with Iran’s nuclear program in mind, as 60% of global Stuxnet cases appear within Iran [41]. US intelligence sources indicate that American and Israeli officials are working to finalize a new Stuxnet worm, referred to as ‘Duqu’ [42]; Alexander Gostev, chief security expert at Russia’s Kaspersky Lab examined drivers used in Stuxnet and Duqu and concluded a single team most likely designed both worms, based on their interaction with the surrounding malware code [43]. Duqu malware similarly exploits Microsoft Windows systems using a zero-day vulnerability and is partially written in an advanced and previously unknown programming language, comprised of a variety of software components capable of executing information theft capabilities highly related to Iran’s nuclear program. Duqu has the capacity to steal digital certificates to help future viruses appear as secure software [44]. Duqu’s replication methods inside target networks remain unknown, however due to its modular structure, a special payload could theoretically be used in further cyber-physical attacks [45]. As the world begins to wage warfare in currency markets and programming code, the demand has never been greater for a new international legal framework to rightfully penalize covert provocateurs for manipulating economic structures and engaging in acts of sabotage.